From e76098b22e5d3f5bb422dfcca34b4d61fe2bd593 Mon Sep 17 00:00:00 2001
From: Caolán McNamara
Date: Tue, 11 Nov 2014 17:48:26 +0000
Subject: valgrind+afl: check p1 at start of loop
Change-Id: I9ef947d9a9089f2bcf6c86711f10224a03abf394
---
 .../graphicfilter/data/png/pass/afl-sample-IDAT.png | Bin 0 -> 260 bytes
 vcl/source/gdi/pngread.cxx | 6 ++++--
 2 files changed, 4 insertions(+), 2 deletions(-)
 create mode 100644 vcl/qa/cppunit/graphicfilter/data/png/pass/afl-sample-IDAT.png
(limited to 'vcl')
diff --git a/vcl/qa/cppunit/graphicfilter/data/png/pass/afl-sample-IDAT.png b/vcl/qa/cppunit/graphicfilter/data/png/pass/afl-sample-IDAT.png
new file mode 100644
index 000000000000..b116a92ecd2d
Binary files /dev/null and b/vcl/qa/cppunit/graphicfilter/data/png/pass/afl-sample-IDAT.png differ
diff --git a/vcl/source/gdi/pngread.cxx b/vcl/source/gdi/pngread.cxx
index 2bbfede76210..36e6803e8e71 100644
--- a/vcl/source/gdi/pngread.cxx
+++ b/vcl/source/gdi/pngread.cxx
@@ -1030,9 +1030,11 @@ void PNGReaderImpl::ImplApplyFilter()
 p1 += mnBPP;
 // use left pixels
- do
+ while (p1 < pScanEnd)
+ {
 *p1 = static_cast( *p1 + *(p2++) );
- while( ++p1 < pScanEnd );
+ ++p1;
+ }
 }
 break;
-- cgit
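Review bot: `p1 += mnBPP;` above the new `while (p1 < pScanEnd)` still advances the pointer without checking that mnBPP bytes remain in the scanline, so on a truncated or malformed IDAT row the loop test may compare a pointer that already lies beyond the end of the buffer; the pre-test only prevents the first out-of-bounds read-modify-write. If the remaining length is known at this point, comparing it with mnBPP before the addition would be sturdier than comparing pointers after it. I would also put a comment on the loop, `// scanline can be shorter than one pixel (malformed input): test before the first write`, so the pre-test form is not turned back into do/while later. ImplApplyFilter starts and ends outside the hunk and its other filter cases are not visible here; they are worth checking for the same do/while pattern.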